Certificate
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/dbRxTE9hvqBKAs-c9WOuE09HnIU.cer
File: dbRxTE9hvqBKAs-c9WOuE09HnIU.cer (raw, json)
Hash identifier: W6rkB2lJwglMlyfHertMFdaZDlpASeU9ontOVmY5gyE=
Subject key identifier: 75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
Authority key identifier: 04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
Certificate issuer: /CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Certificate serial: BB01
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
Manifest: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft
caRepository: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/
Notify URL: https://rpki.cnnic.cn/rrdp/notify.xml
Certificate not before: Fri 27 Sep 2024 02:49:51 +0000
Certificate not after: Sat 27 Sep 2025 02:40:14 +0000
Subordinate resources: AS: 59083
IP: 43.254.152.0/22
IP: 45.252.8.0 -- 45.252.51.255
IP: 45.252.84.0/22
IP: 45.252.100.0/22
IP: 45.252.132.0 -- 45.252.139.255
IP: 45.252.144.0/22
IP: 59.153.168.0 -- 59.153.195.255
IP: 103.5.192.0/22
IP: 103.6.108.0/22
IP: 103.6.228.0/22
IP: 103.10.0.0/22
IP: 103.24.116.0/22
IP: 103.198.216.0 -- 103.198.247.255
IP: 103.220.248.0 -- 103.221.51.255
IP: 103.221.92.0/22
IP: 150.242.236.0/22
IP: 202.57.216.0/22
IP: 202.58.112.0/22
IP: 202.89.96.0/22
IP: 202.89.108.0/22
IP: 202.136.248.0/22
IP: 202.174.124.0/22
IP: 2403:1b80::/32
IP: 2406:1e80::/32
Validation: OK
Signature path: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.mft
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl
rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl
rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl
rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft
rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer
Signature path expires: Fri 22 Nov 2024 14:53:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 47873 (0xbb01)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A9162E3D0000/serialNumber=041629B6A9EAB7CB1324EA3978F03796F889B540
Validity
Not Before: Sep 27 02:49:51 2024 GMT
Not After : Sep 27 02:40:14 2025 GMT
Subject: CN=75B4714C4F61BEA04A02CF9CF563AE134F479C85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:30:31:33:75:03:08:6f:1c:15:28:ca:54:13:
ef:d5:91:d3:db:2e:8e:a5:d3:36:f5:f3:ff:18:5f:
3f:06:19:2e:0d:44:81:ff:48:80:90:f1:b8:cd:0c:
18:39:3b:78:d4:7e:cc:b0:77:81:df:c7:5c:65:e6:
2a:3b:83:3a:c0:c2:98:0d:23:a6:fd:cd:c0:42:b5:
04:72:a8:d5:ce:29:a1:cc:0f:75:04:8e:89:22:73:
ed:c9:8e:03:74:ff:ed:d6:eb:8b:86:b0:dc:7a:13:
af:ba:43:c3:77:c4:ba:4b:9e:b0:f5:d3:a4:f1:15:
2f:01:f8:e5:1c:70:3d:94:e8:27:ee:eb:34:ab:00:
a8:6f:20:67:82:9b:d3:d0:a7:80:bd:e1:3a:05:52:
b7:9b:18:47:23:11:12:74:9c:15:7e:a7:a2:21:d8:
d1:26:e7:07:65:a1:cd:3f:7a:95:73:c9:58:b5:ce:
68:ed:32:49:c8:db:1f:5f:13:96:e9:c1:7f:a6:5e:
be:85:c1:fd:a1:d5:06:78:06:64:fb:ee:1b:0d:57:
10:ba:4f:bc:48:14:f1:7d:b4:fd:2b:ed:a4:f0:1d:
3c:6a:7b:d3:e7:72:61:fc:e5:b3:02:c7:ef:97:5a:
81:79:6e:c4:d8:f8:bc:a7:da:4d:91:49:3d:8f:24:
65:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B4:71:4C:4F:61:BE:A0:4A:02:CF:9C:F5:63:AE:13:4F:47:9C:85
X509v3 Authority Key Identifier:
keyid:04:16:29:B6:A9:EA:B7:CB:13:24:EA:39:78:F0:37:96:F8:89:B5:40
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/BBYptqnqt8sTJOo5ePA3lviJtUA.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BBYptqnqt8sTJOo5ePA3lviJtUA.cer
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Subject Information Access:
CA Repository - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/
RPKI Manifest - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/577/dbRxTE9hvqBKAs-c9WOuE09HnIU.mft
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
59083
sbgp-ipAddrBlock: critical
IPv4:
43.254.152.0/22
45.252.8.0-45.252.51.255
45.252.84.0/22
45.252.100.0/22
45.252.132.0-45.252.139.255
45.252.144.0/22
59.153.168.0-59.153.195.255
103.5.192.0/22
103.6.108.0/22
103.6.228.0/22
103.10.0.0/22
103.24.116.0/22
103.198.216.0-103.198.247.255
103.220.248.0-103.221.51.255
103.221.92.0/22
150.242.236.0/22
202.57.216.0/22
202.58.112.0/22
202.89.96.0/22
202.89.108.0/22
202.136.248.0/22
202.174.124.0/22
IPv6:
2403:1b80::/32
2406:1e80::/32
Signature Algorithm: sha256WithRSAEncryption
13:e7:92:63:8b:77:23:a3:39:31:e8:a0:5f:db:5e:72:da:6d:
f2:4c:66:65:f3:2c:04:8f:82:d7:c1:26:cb:38:d5:23:de:a7:
aa:93:b0:f0:b2:15:48:28:6c:3c:62:1e:79:7b:4d:d4:28:58:
73:86:1d:a9:de:f3:90:08:e1:8d:a6:5c:55:74:63:40:dc:7d:
67:1b:19:f7:d3:69:c0:9b:a6:6e:6d:b8:ba:21:27:0f:81:a8:
da:56:d5:da:1a:5f:a3:26:ca:c4:cb:7e:68:9a:21:04:9a:27:
b5:8b:3a:ad:92:a2:4a:15:cb:be:e3:c4:64:c4:01:43:71:60:
b7:a4:f8:8a:a6:a9:2f:62:38:59:22:6d:19:a1:a0:d7:97:dd:
19:ce:83:f0:c8:ce:55:a9:3f:18:0f:c7:4c:ee:bb:fe:fd:94:
6e:b2:d8:48:f4:27:46:65:0f:98:b2:78:bc:7d:12:f9:88:56:
46:02:2f:d9:71:d9:da:63:f8:14:0e:4b:33:3a:2d:06:7e:19:
97:a1:31:d8:a3:aa:7e:31:9e:18:3b:71:36:74:84:90:77:fd:
d5:6d:07:69:b9:d6:5f:e2:4b:dd:95:7c:09:e8:63:58:95:e0:
b4:0e:c5:14:61:ac:00:d0:0d:d3:06:50:e6:82:7f:a9:9b:6a:
31:85:39:87
-----BEGIN CERTIFICATE-----
MIIGLDCCBRSgAwIBAgIDALsBMA0GCSqGSIb3DQEBCwUAMEoxFTATBgNVBAMTDEE5
MTYyRTNEMDAwMDExMC8GA1UEBRMoMDQxNjI5QjZBOUVBQjdDQjEzMjRFQTM5NzhG
MDM3OTZGODg5QjU0MDAeFw0yNDA5MjcwMjQ5NTFaFw0yNTA5MjcwMjQwMTRaMDMx
MTAvBgNVBAMTKDc1QjQ3MTRDNEY2MUJFQTA0QTAyQ0Y5Q0Y1NjNBRTEzNEY0NzlD
ODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfMDEzdQMIbxwVKMpU
E+/VkdPbLo6l0zb18/8YXz8GGS4NRIH/SICQ8bjNDBg5O3jUfsywd4Hfx1xl5io7
gzrAwpgNI6b9zcBCtQRyqNXOKaHMD3UEjokic+3JjgN0/+3W64uGsNx6E6+6Q8N3
xLpLnrD106TxFS8B+OUccD2U6Cfu6zSrAKhvIGeCm9PQp4C94ToFUrebGEcjERJ0
nBV+p6Ih2NEm5wdloc0/epVzyVi1zmjtMknI2x9fE5bpwX+mXr6Fwf2h1QZ4BmT7
7hsNVxC6T7xIFPF9tP0r7aTwHTxqe9PncmH85bMCx++XWoF5bsTY+Lyn2k2RST2P
JGUrAgMBAAGjggMwMIIDLDAdBgNVHQ4EFgQUdbRxTE9hvqBKAs+c9WOuE09HnIUw
HwYDVR0jBBgwFoAUBBYptqnqt8sTJOo5ePA3lviJtUAwGAYDVR0gAQH/BA4wDDAK
BggrBgEFBQcOAjBYBgNVHR8EUTBPME2gS6BJhkdyc3luYzovL3Jwa2kuY25uaWMu
Y24vcnBraS9BOTE2MkUzRDAwMDAvQkJZcHRxbnF0OHNUSk9vNWVQQTNsdmlKdFVB
LmNybDB+BggrBgEFBQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5h
cG5pYy5uZXQvcmVwb3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZE
MUZGMi9CQllwdHFucXQ4c1RKT281ZVBBM2x2aUp0VUEuY2VyMA8GA1UdEwEB/wQF
MAMBAf8wDgYDVR0PAQH/BAQDAgEGMIHWBggrBgEFBQcBCwSByTCBxjA4BggrBgEF
BQcwBYYscnN5bmM6Ly9ycGtpLmNubmljLmNuL3Jwa2kvQTkxNjJFM0QwMDAwLzU3
Ny8wVwYIKwYBBQUHMAqGS3JzeW5jOi8vcnBraS5jbm5pYy5jbi9ycGtpL0E5MTYy
RTNEMDAwMC81NzcvZGJSeFRFOWh2cUJLQXMtYzlXT3VFMDlIbklVLm1mdDAxBggr
BgEFBQcwDYYlaHR0cHM6Ly9ycGtpLmNubmljLmNuL3JyZHAvbm90aWZ5LnhtbDAa
BggrBgEFBQcBCAEB/wQLMAmgBzAFAgMA5sswgd8GCCsGAQUFBwEHAQH/BIHPMIHM
MIGzBAIAATCBrAMEAiv+mDAMAwQDLfwIAwQCLfwwAwQCLfxUAwQCLfxkMAwDBAIt
/IQDBAIt/IgDBAIt/JAwDAMEAzuZqAMEAjuZwAMEAmcFwAMEAmcGbAMEAmcG5AME
AmcKAAMEAmcYdDAMAwQDZ8bYAwQDZ8bwMAwDBANn3PgDBAJn3TADBAJn3VwDBAKW
8uwDBALKOdgDBALKOnADBALKWWADBALKWWwDBALKiPgDBALKrnwwFAQCAAIwDgMF
ACQDG4ADBQAkBh6AMA0GCSqGSIb3DQEBCwUAA4IBAQAT55Jji3cjozkx6KBf215y
2m3yTGZl8ywEj4LXwSbLONUj3qeqk7DwshVIKGw8Yh55e03UKFhzhh2p3vOQCOGN
plxVdGNA3H1nGxn302nAm6Zubbi6IScPgajaVtXaGl+jJsrEy35omiEEmie1izqt
kqJKFcu+48RkxAFDcWC3pPiKpqkvYjhZIm0ZoaDXl90ZzoPwyM5VqT8YD8dM7rv+
/ZRusthI9CdGZQ+Ysni8fRL5iFZGAi/ZcdnaY/gUDkszOi0GfhmXoTHYo6p+MZ4Y
O3E2dISQd/3VbQdpudZf4kvdlXwJ6GNYleC0DsUUYawA0A3TBlDmgn+pm2oxhTmH
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:42:28 2024 by rpki-client on console-ams.rpki-client.org